Haveged Continued

I noticed that on my machine, my entropy was staying high, then falling off. Then, at what appeared to be some arbitrary point, it would fill back up, in a very periodic manner. This is, of course, after running haveged in the background. Curious, I started looking into it. It took a while to find. Then noticed it. It was obvious. The "write_wakeup_threshold" is what is telling the daemon to fill the entropy pool with more data.

$ cat /proc/sys/kernel/random/write_wakeup_threshold
1024

This is default, after installing haveged. But, the poolsize is 4096. It sure would be nice if the write_wakeup_threshold was 4096, rather than 1024. Well, you have two options to set it: you can use sysctl, or you can use haveged. Let's look at both (I prefer the latter). With sysctl, you just need to edit the /etc/sysctl.conf file, and add the following lines:

## Keep the entropy at full up
kernel.random.write_wakeup_threshold = 4096

Then run:

# sysctl -p
kernel.random.write_wakeup_threshold = 4096

Or, haveged ships with a configuration file to set this automatically when the daemon starts, and this should probably be the preferred way for setting it. Change the /etc/default/haveged file to use 4096 instead of 1024:

Found a slight modification to the configuration when using systemd and the testing or above version (as of writing 1.7c) or above. The systemd service doesn't honor /etc/default/haveged and instead uses /lib/systemd/system/haveged.service. After modifying the file from "-w 1024" to "-w 4096" you will want to issue "systemctl --system daemon-reload" and restart the service to see the changes.

Theses setting fall off upon reboot so you have to run sysctl -p every time you reboot if you want it all the time. also the haveged version does not appear to do anything that I am able to detect, The sysctl one works like a charm though.